1. Field of the Invention
The invention pertains to the field of data management. More particularly, the invention pertains to a system and method for authenticating peer data objects in component object systems.
2. Description of the Related Technology
Historically, software applications were designed like warehouses that were used to support factories prior to the advent of just-in-time (JIT) manufacturing. Before JIT manufacturing, warehouses were stored with every part without regard to when the part would be needed or whether the part would be needed at all. Similarly, software applications have traditionally been built using a plurality of modules that are stored in the software application, regardless of whether all of the modules may be needed. One technological problem in developing an object based solution is that software code is typically compiled and linked into an executable program. Once the code is in an executable state, integrating further components into the program is difficult.
However, new object models now provide for the dynamic integration of data objects into a working application. For example, Internet browsers, using an interpretive environment, allow for the dynamic integration of various data objects, such as a Java applet, into the Internet browser.
Although data objects according to current object models contain some limited one-way security features, there is currently no way for the data object to authenticate the identity of the browser and for the browser to authenticate the identity of the data object. At most, data objects are designed with a simple security scheme in which the browser can decide whether or not to trust the data object. If the data object is trusted, the data object is granted access to certain system features. Otherwise, if the data object is not trusted, the data object is given limited access to system features.
Moreover, using current technology, data objects cannot verify the identity of the browser or other data objects that may have been installed in the browser. Due to this limitation, secure and protected data objects cannot be developed since they cannot guarantee that the target environment will recognize and understand their internal security.
Therefore, there is a need for a system that can authenticate the identity of a data object to its peers each time the data object is used. In addition, the system should be able to authenticate the identity of the peers to the data object. After the data object and the peer data objects are identified, the data object should be able to dynamically connect with the peer data objects. Also, if the data object needs a selected peer data object, and if the selected peer data object cannot be found on the system or the peer data object cannot be authenticated, the system should be able to retrieve a peer data object that can be authenticated.
The animating system of the present invention has several features, no single one of which is solely responsible for its desirable attributes. Without limiting the scope of this invention as expressed by the claims which follow, its more prominent features will now be summarized.
One embodiment of the invention includes a method of controlling the usage of data in a computer having one or more peer data objects, the method comprising providing a data object, the data object including a description of one or more of the peer data, determining whether the peer data objects are authorized to communicate with the data object, determining whether the data object is authorized to communicate with the peer data objects, and connecting the data object to the peer data objects based upon authorization being granted such that the data object can communicate with the peer data objects and the peer data objects can communicate with the data object.
Another embodiment of the invention includes a system for controlling the usage of a data object, the system comprising one or more peer data objects, the peer data objects collectively defining a software application, a parser capable of reading from a data object a description of one or more peer data objects that are required for use of the data object, a validate data object module capable of determining whether the data object is authorized to communicate with one or more peer data objects, a validate peer module capable of determining whether the peer data objects are authorized to communicate with the data object, and a wiring module capable of controlling the connection of the peer data objects to the data object.